CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-45053
Critical

CubeCart prior to version 6.7.0 contained an Authenticated Arbitrary File Upload vulnerability in the REST API File Manager endpoint. This allows any holder of an API key with files:rw permission to upload PHP files to the images/source/ directory, where they are executed by the web server.

CVE-2026-44377
Critical

CubeCart prior to version 6.7.0 has an Authenticated Server-Side Template Injection (SSTI) vulnerability in multiple modules, including Email Templates and Documents. The application unsafely evaluates user-supplied input through the Smarty template engine.

CVE-2025-27851
Critical

Podatność na Garmin WDU (w wersjach 1.4.6 i 5.0) umożliwia atak typu cross-site origin WebSocket hijacking. Atakujący może przejąć pełną kontrolę nad urządzeniem, wykorzystując WebSockety do zarządzania ustawieniami, w tym ustawieniami administracyjnymi.

CVE-2026-44364
Critical

In versions 3.0.7 and earlier, there is a Cross-Site Request Forgery (CSRF) vulnerability in MISP Modules that allows an attacker to cause an authenticated user to submit unintended requests to the home endpoint. The issue was due to the home blueprint being exempted from CSRF protection.

CVE-2026-44351
Critical

In versions prior to 6.2.4, the fast-jwt library has a critical authentication-bypass vulnerability that allows unauthenticated attackers to forge arbitrary JWTs accepted as authentic.

CVE-2026-42032
Critical

CKAN, a data management system, had a vulnerability in datastore_search_sql that allowed attackers to bypass authorization and gain access to private resources and PostgreSQL system information. The issue is fixed in versions 2.10.10 and 2.11.5.

CVE-2026-42031
Critical

CKAN, an open-source data management system, had a vulnerability in datastore_search_sql that allowed attackers to inject SQL to gain access to private resources and PostgreSQL system information. This vulnerability is fixed in versions 2.10.10 and 2.11.5.

CVE-2026-0257
CriticalActively exploitedEPSS 98%

CVE-2026-0257 describes authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software, allowing an attacker to bypass security restrictions and establish an unauthorized VPN connection.

CVE-2026-45411
Critical

In the vm2 library for Node.js prior to version 3.11.3, a vulnerability allows catching a host exception using the yield* expression inside an async generator. Closing the generator with the return function causes the value to be awaited, and exceptions thrown in the then call are caught by the runtime and passed as the next value to the yield* iterator, enabling sandbox escape and arbitrary command execution.

CVE-2026-44009
CriticalEPSS 52%

A vulnerability in the vm2 library for Node.js allows sandbox escape. The issue is fixed in version 3.11.2.

CVE-2026-44008
CriticalEPSS 54%

A vulnerability in the vm2 library for Node.js prior to version 3.11.2 allows sandbox escape via the neutralizeArraySpeciesBatch method, which can invoke a getter on the array prototype, exposing objects from the outside. Attackers can obtain host objects and the Function object, enabling arbitrary command execution on the host system.

CVE-2026-44007
CriticalEPSS 55%

In vm2 prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('vm2') regardless of the outer VM's require configuration, including require: false. With access to vm2, the sandbox constructs a new inner NodeVM with unrestricted require settings and executes arbitrary OS commands on the host.

CVE-2026-44006
CriticalEPSS 52%

A vulnerability in the vm2 library for Node.js allows an attacker to bypass the sandbox and access arbitrary object prototypes. The issue is fixed in version 3.11.0.

CVE-2026-44005
CriticalEPSS 53%

A vulnerability in the vm2 library for Node.js (versions 3.9.6 to 3.10.5) allows attacker-controlled JavaScript running in the sandbox to mutate host prototypes such as Object.prototype, Array.prototype, and Function.prototype. This occurs because the bridge exposes mutable proxies for real host-realm intrinsic prototypes and forwards sandbox writes to host objects using ReflectSet() and ReflectDefineProperty().

CVE-2026-43999
CriticalEPSS 58%

A vulnerability in vm2 prior to 3.11.0 allows bypassing the NodeVM builtin allowlist when the 'builtin' module is allowed (including via the '*' wildcard). Sandboxed code can use Module._load() to load any module in the host context, leading to remote code execution.

CVE-2026-43997
CriticalEPSS 58%

In the vm2 library for Node.js prior to version 3.11.0, there is a vulnerability that allows obtaining the host object. An attacker can use various methods, e.g., via HostObject.getOwnPropertySymbols to obtain Symbol(nodejs.util.inspect.custom) and escape the sandbox.

CVE-2026-42557
Critical

A vulnerability in JupyterLab before version 4.5.7 allows arbitrary JupyterLab commands to be executed via a crafted button in an HTML cell. The CommandLinker listens for click events on the entire document and executes commands without verifying the element's origin.

CVE-2026-41225
Critical

A vulnerability exists in iControl REST that allows a highly privileged, authenticated attacker with at least the Manager role to create configuration objects that enable running arbitrary commands.

CVE-2020-37168
Critical

Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. Attackers can extract payment form data and signatures from POST requests to the payment endpoint, then use SHA1 hash comparison to iteratively test key candidates until discovering the correct production key.

CVE-2026-42062
Critical

ELECOM wireless LAN access point devices contain an OS command injection in processing of the username parameter. If processing a crafted request, an arbitrary OS command may be executed.

PreviousPage 72 of 553Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS